If you haven't attended a Raleigh ISSA meeting yet, here are some notes to make your first trip easy. We have designated New Attendee Liaisons to meet you, show you around and answer any questions you may have about ISSA, our chapter or events.

1. Dress code is casual to business casual.

2. Show up at RTP Headquarters, 12 Davis Drive around 6:00pm for food and mingling.

3. Walk in the front door and turn to your left.

4. The sign-in table is right in front of you. Get your name badge.

5. Meet, mingle, eat, be merry and enjoy the presentation.

6. If you can't make it by 6:00, that's fine. The presentation starts at 7:20 but we encourage you to arrive by 7:00.

“Where do I begin?”

At the Raleigh ISSA chapter, we get this question a lot. Whether you’re just coming out of school, or are wanting to make a mid-career transition, you want to “break in” to the Information Security (“InfoSec”) field. That’s great!

We have some bad news and some good news. The bad news is that InfoSec isn’t easy; you’ll need to study hard, learn a lot of seemingly arcane topics and commands, and then apply them to networks and situations where you either want to prevent a compromise, or create one (in a penetration test where you have the full permission of the network owner, of course).

The good news is that there are a lot of free and low-cost resources you can use right away to learn about InfoSec! We’ve created a list below of some of them, and will be adding more in the future. Good luck, and don’t be afraid to ask us questions!

First thing: Start practicing on your own equipment. Do not (do not) practice on or attack or otherwise scan, enumerate, harass, bend, fold, spindle or do anything untoward against any system you do not own or have express permission to touch! Instead, download and install a free hypervisor like VirtualBox or VMWare, then download the ISO files for Kali Linux and Metasploitable and convert them into virtual machines. Practice by using Kali to attack Metasploitable, all on your own computer!

Finally, one of the best ways to keep up in the security field is to watch what others are talking about! Get a Twitter account (you don’t have to post anything if you don’t want to) and watch the feeds. You’ll learn things much faster than watching the news.